I get the user id when a user logs in; against that user id I'm trying to get the roles.
Based on the role, the user is authorized for what he can do.
So my main objective is to implement role-based authorization.
What I have tried:
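/// <summary>
/// Looks up a non-deleted user by e-mail and password and returns that user's id.
/// </summary>
/// <param name="email">E-mail entered on the login form; compared case-insensitively via ToLower on both sides.</param>
/// <param name="password">Password entered on the login form.</param>
/// <returns>The matching user's id, or 0 when nothing matches (0 is the "not authenticated" value callers test for).</returns>
public int Authenticate(string email, string password)
{
    // An empty credential can never match, and a null email would throw on email.ToLower()
    // before the query even runs; report it as a failed login instead.
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return 0;
    }

    // SECURITY(review): the submitted password is compared directly with the stored Password
    // column, i.e. passwords are stored and compared in plain text. They should be stored as a
    // salted hash (e.g. PBKDF2 via Rfc2898DeriveBytes) and the submitted password hashed and
    // compared in constant time. That needs a schema change, so it is flagged here, not changed.
    // ToLower() is kept because Mdb looks like a LINQ-to-Entities context (verify) where
    // string.Equals with a StringComparison would not translate to SQL.
    var loggedUser = Mdb.Users.FirstOrDefault(x =>
        x.Email.ToLower() == email.ToLower()
        && x.Password == password
        && x.IsDeleted == false);

    return loggedUser != null ? loggedUser.id : 0;
}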
/// <summary>
/// Renders the login form. The requested destination is passed through to the view unchanged
/// so the form can post it back; it is user-controlled and must be validated before any redirect.
/// </summary>
/// <param name="returnUrl">Destination requested by the caller, if any.</param>
/// <returns>The login view.</returns>
public ActionResult Login(string returnUrl)
{
    // Round-trip the destination through the view; nothing is done with it here.
    ViewBag.ReturnUrl = returnUrl;
    ActionResult loginForm = View();
    return loginForm;
}
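/// <summary>
/// Handles the login form post: validates the model, authenticates, issues the forms-auth
/// cookie, stores the user id in session and redirects.
/// </summary>
/// <param name="model">Posted credentials.</param>
/// <param name="returnUrl">Where to send the user afterwards; user-controlled, so only local URLs are followed.</param>
/// <returns>A redirect on success; otherwise the login view with a model error.</returns>
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        var userId = uServices.Authenticate(model.Email, model.Password);
        if (userId > 0)
        {
            FormsAuthentication.SetAuthCookie(model.Email, false);
            // NOTE(review): the session id is not regenerated on login; consider clearing the
            // session cookie before this point to limit session fixation.
            Session["Userid"] = userId;

            // Follow returnUrl only when it is a local path. Redirecting to an arbitrary value
            // here would make the login page an open redirect (CWE-601). "/" still means
            // "no specific destination", as before.
            if (!string.IsNullOrEmpty(returnUrl) && returnUrl != "/" && Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }

            return RedirectToAction("List", "User");
        }
    }

    // One generic message for both an invalid model and wrong credentials, so the response
    // does not reveal whether the e-mail exists.
    ModelState.AddModelError("", "Invalid Email or Password");

    // Return the posted model rather than a fresh one so the entered e-mail is redisplayed;
    // the password helpers do not render the password back.
    return View(model);
}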
/// <summary>
/// Ends the forms-authentication session, discards the server-side session state and sends
/// the browser back to the login page.
/// </summary>
/// <returns>Redirect to the <c>Login</c> action.</returns>
// NOTE(review): this action answers GET, so a third-party page can log users out by linking to
// it; an [HttpPost] + [ValidateAntiForgeryToken] version would prevent that (changing the verb
// affects existing links, so it is not changed here). Also, SignOut only removes the cookie;
// a copy of the ticket stays usable until it expires because forms-auth tickets are stateless.
public ActionResult Logout()
{
// Remove the forms-authentication cookie.
FormsAuthentication.SignOut();
// Abandon marks the session to end with this request; RemoveAll clears its contents now.
Session.Abandon();
Session.RemoveAll();
return RedirectToAction("Login");
}
/// <summary>
/// Permission keys passed to <c>HasPermission</c>. Each value equals its own name so the keys can
/// be stored and compared as plain strings.
/// </summary>
public static class Permissions
{
    /// <summary>May create a user.</summary>
    public static readonly string Can_Add_User = "Can_Add_User";

    /// <summary>May edit a user.</summary>
    public static readonly string Can_Edit_User = "Can_Edit_User";

    /// <summary>May delete a user.</summary>
    public static readonly string Can_Delete_User = "Can_Delete_User";

    /// <summary>May manage users.</summary>
    public static readonly string Can_Manage_User = "Can_Manage_User";

    /// <summary>May view the list.</summary>
    public static readonly string Can_ViewList = "Can_ViewList";
}
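/// <summary>
/// Reports whether the user identified by <paramref name="userId"/> holds the permission
/// <paramref name="permissionkey"/> (one of the <c>Permissions</c> keys).
/// </summary>
/// <param name="permissionkey">Permission key to check, e.g. <c>Permissions.Can_Add_User</c>.</param>
/// <param name="userId">User id as returned by <c>Authenticate</c>; 0 means not authenticated.</param>
/// <returns><c>true</c> only when one of the user's roles grants the permission; <c>false</c> otherwise, including for unknown users.</returns>
public bool HasPermission(string permissionkey, int userId)
{
    // Fail closed: an empty key or a non-authenticated id grants nothing.
    if (string.IsNullOrWhiteSpace(permissionkey) || userId <= 0)
    {
        return false;
    }

    // Flatten the user's role names; the original Select produced a nested sequence per user.
    var roleNames = Mdb.Users
        .Where(x => x.id == userId)
        .SelectMany(y => y.User_Role_Mapping.Select(u => u.Roles.Name))
        .ToList();

    if (roleNames.Count == 0)
    {
        return false;
    }

    // TODO(review): role names are not permissions. Look roleNames up in the role -> permission
    // mapping (a table or a static dictionary keyed by role name; not part of this listing) and
    // return true only when one of them grants permissionkey. Until that mapping is wired in,
    // deny by default rather than grant by default.
    return false;
}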
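// Usage sketch: HasPermission is an instance method taking (permissionKey, userId), so it is
// called on the uServices instance used by Login, with the id stored in session at login.
// A missing or non-int session value yields 0, which is the Authenticate "not logged in" id.
var currentUserId = Session["Userid"] as int? ?? 0;
if (uServices.HasPermission(Permissions.Can_Add_User, currentUserId))
{
    // ... only reached when the current user may add users ...
}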